﻿using System;
using System.Web;
using System.Web.Security;
using Framework.Library.Base.Base;
using Framework.Library.Base.Extensions;
using Framework.Library.Data.DAL;
using Framework.Library.Data.DAO;
using System.Configuration;
using Framework.Library.Core.Utils.Security;
using Framework.Library.Core.Config;
using Framework.Library.Core.Provider.Payment;

namespace Framework.Library.Base.Helper
{
    public class SecurityHelper : BaseClass
    {
        private static readonly bool IS_DEBUG_MODE = Convert.ToBoolean(ConfigurationManager.AppSettings["DEBUG_MODE"]);
        private static readonly bool IS_AUTHENTICATION_MODE = Convert.ToBoolean(ConfigurationManager.AppSettings["AUTHENTICATION_MODE"]);

        public static bool IsAuthenticated(out string returnUrl)
        {
            string strLogin = string.Empty;
            bool isAuthenticated = false;
            if (IS_AUTHENTICATION_MODE)
            {
                if (HttpContext.Current.User != null)
                {
                    if (HttpContext.Current.User.Identity.IsAuthenticated)
                    {
                        if (HttpContext.Current.User.Identity.Name.IndexOf(cfg.PrefixMember.VALUE) != -1)
                        {
                            if (HttpContext.Current.User.Identity is FormsIdentity)
                            {
                                FormsIdentity id = HttpContext.Current.User.Identity as FormsIdentity;
                                FormsAuthenticationTicket ticket = id.Ticket;
                                isAuthenticated = !string.IsNullOrEmpty(ticket.UserData);
                            }
                        }
                    }
                }
                strLogin = "/Login.aspx?returnurl=" + HttpContext.Current.Server.UrlEncode(Crypto.Encrypt(HttpContext.Current.Request.RawUrl));
            }
            else
            {
                if (!IS_DEBUG_MODE)
                {
                    string SSOINFO = "ssoinfo";
                    var ssoInfo = HttpContext.Current.Request.Cookies[SSOINFO];
                    if (ssoInfo == null)
                    {
                        HttpContext.Current.Session.Clear();
                        HttpContext.Current.Session.Abandon();
                    }
                    else
                    {
                        if (HttpContext.Current.Session[SSOINFO] != null)
                        {
                            if (HttpContext.Current.Session[SSOINFO].ToString().Trim() != ssoInfo.Value.Trim())
                            {
                                HttpContext.Current.Request.Cookies.Remove(SSOINFO);
                                HttpContext.Current.Session.Clear();
                                HttpContext.Current.Session.Abandon();
                            }
                            else
                                isAuthenticated = true;
                        }
                    }
                }
                if (HttpContext.Current.Session.IsOnline())
                    isAuthenticated = true;
                //strLogin = LoginHelper.strLogin;
                strLogin = string.Empty;
            }
            returnUrl = strLogin;
            return isAuthenticated;
        }

        public static int IsDenied(int userId, int menuId)
        {
            var infoRole =
                (PortalRole)
                HttpContext.Current.Session[
                    "CURRENT_ROLE_" + HttpContext.Current.Session.GetUser().USERID + "_" + Configurations.PORTALID];
            if (infoRole == null)
            {
                infoRole = ManagerFactory.PortalRoleManager.GetRole(userId, Configurations.PORTALID);
                if(infoRole != null)
                    HttpContext.Current.Session.Add("CURRENT_ROLE_" + userId + "_" + Configurations.PORTALID, infoRole);
            }
            int isPermission = 0;
            if (infoRole != null)
            {
                if (!string.IsNullOrEmpty(infoRole.PERMISIONS))
                {
                    if (infoRole.PERMISIONS != "0")
                    {
                        string[] lstMenu = infoRole.PERMISIONS.Split(',');
                        foreach (string s in lstMenu)
                        {
                            if (Convert.ToInt32(s) == menuId)
                            {
                                isPermission = menuId;
                                break;
                            }
                        }
                        if (isPermission == 0)
                            isPermission = Convert.ToInt32(lstMenu[0]);
                    }
                    else
                        isPermission = menuId;
                }
            }
            return isPermission;
        }
    }
}